Health data protection law is not an independent field of law, but rather data protection law in a particularly sensitive environment. Injuries are not only a direct threat to the physical and psychological integrity of those affected, but are also a matter of criminal law in many cases. In the future, infringements against data protection law will be severely punished. The new European General Data Protection Regulation provides for penalties of up to 20 million Euro or 4% of the annual turnover – depending on what is greater.
Documentation obligations, data collection for invoicing or quality improvement and research projects, generate rapidly expanding volumes of data. This data is to be stored and evaluated, however, personal data relating to the patient must not be collected, processed or used without authorisation. In particular, if data is to be used for purposes other than those for which it was collected, legal challenges arise.
We advise companies, hospitals, doctors and billing providers on all matters pertaining to data processing, forwarding and use. We assist in fulfilling information obligations, create legally compliant contractual solutions and support with the development and launch of software solutions. Here the focus is on up-to-date cloud solutions, big data and networking. We also support with data protection impact analyses and establishing IT security concepts.